netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* addrconf: refcnt with  IPV6_PRIVACY enabled
@ 2010-11-23 13:40 Sergey Senozhatsky
  2010-11-23 14:33 ` Eric Dumazet
  0 siblings, 1 reply; 5+ messages in thread
From: Sergey Senozhatsky @ 2010-11-23 13:40 UTC (permalink / raw)
  To: David S. Miller
  Cc: netdev, linux-kernel, Pekka Savola (ipv6), Hideaki YOSHIFUJI

Hello,

I've sent a patch http://lkml.org/lkml/2010/11/21/124 
"[PATCH] ipv6: fix inet6_dev refcnt with IPV6_PRIVACY enabled" related
to wrong in6_dev refcnt value when IPV6_PRIVACY enabled.

I've took a second look, and question arised - 
Is it actually necessary to in6_dev_hold/in6_dev_put in ipv6_regen_rndid?
In ipv6_regen_rndid we call in6_dev_hold only when mod_timer == 0,
and always in6_dev_put. 


I've removed check for < 0 and goto from __ipv6_regen_rndid call, since it 
always return 0.


Please, kindly review V2.

---

 net/ipv6/addrconf.c |   10 +++-------
 1 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 2fc35b3..8187d14 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -425,7 +425,6 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev)
 		       dev->name);
 		ndev->cnf.use_tempaddr = -1;
 	} else {
-		in6_dev_hold(ndev);
 		ipv6_regen_rndid((unsigned long) ndev);
 	}
 #endif
@@ -1653,8 +1652,7 @@ static void ipv6_regen_rndid(unsigned long data)
 	if (idev->dead)
 		goto out;
 
-	if (__ipv6_regen_rndid(idev) < 0)
-		goto out;
+	__ipv6_regen_rndid(idev);
 
 	expires = jiffies +
 		idev->cnf.temp_prefered_lft * HZ -
@@ -1667,13 +1665,11 @@ static void ipv6_regen_rndid(unsigned long data)
 		goto out;
 	}
 
-	if (!mod_timer(&idev->regen_timer, expires))
-		in6_dev_hold(idev);
-
+	mod_timer(&idev->regen_timer, expires);
+	
 out:
 	write_unlock_bh(&idev->lock);
 	rcu_read_unlock_bh();
-	in6_dev_put(idev);
 }
 
 static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr) {

^ permalink raw reply related	[flat|nested] 5+ messages in thread
* Re: addrconf: refcnt with  IPV6_PRIVACY enabled
  2010-11-23 13:40 addrconf: refcnt with IPV6_PRIVACY enabled Sergey Senozhatsky
@ 2010-11-23 14:33 ` Eric Dumazet
  2010-11-23 14:53   ` Sergey Senozhatsky
  2010-11-23 15:17   ` Sergey Senozhatsky
  0 siblings, 2 replies; 5+ messages in thread
From: Eric Dumazet @ 2010-11-23 14:33 UTC (permalink / raw)
  To: Sergey Senozhatsky
  Cc: David S. Miller, netdev, linux-kernel, Pekka Savola (ipv6),
	Hideaki YOSHIFUJI

Le mardi 23 novembre 2010 à 15:40 +0200, Sergey Senozhatsky a écrit :
> Hello,
> 
> I've sent a patch http://lkml.org/lkml/2010/11/21/124 
> "[PATCH] ipv6: fix inet6_dev refcnt with IPV6_PRIVACY enabled" related
> to wrong in6_dev refcnt value when IPV6_PRIVACY enabled.
> 
> I've took a second look, and question arised - 
> Is it actually necessary to in6_dev_hold/in6_dev_put in ipv6_regen_rndid?
> In ipv6_regen_rndid we call in6_dev_hold only when mod_timer == 0,
> and always in6_dev_put. 
> 
> 
> I've removed check for < 0 and goto from __ipv6_regen_rndid call, since it 
> always return 0.
> 
> 
> Please, kindly review V2.
> 
> ---
> 
>  net/ipv6/addrconf.c |   10 +++-------
>  1 files changed, 3 insertions(+), 7 deletions(-)
> 
> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> index 2fc35b3..8187d14 100644
> --- a/net/ipv6/addrconf.c
> +++ b/net/ipv6/addrconf.c
> @@ -425,7 +425,6 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev)
>  		       dev->name);
>  		ndev->cnf.use_tempaddr = -1;
>  	} else {
> -		in6_dev_hold(ndev);
>  		ipv6_regen_rndid((unsigned long) ndev);
>  	}
>  #endif
> @@ -1653,8 +1652,7 @@ static void ipv6_regen_rndid(unsigned long data)
>  	if (idev->dead)
>  		goto out;
>  
> -	if (__ipv6_regen_rndid(idev) < 0)
> -		goto out;
> +	__ipv6_regen_rndid(idev);
>  
>  	expires = jiffies +
>  		idev->cnf.temp_prefered_lft * HZ -
> @@ -1667,13 +1665,11 @@ static void ipv6_regen_rndid(unsigned long data)
>  		goto out;
>  	}
>  
> -	if (!mod_timer(&idev->regen_timer, expires))
> -		in6_dev_hold(idev);
> -
> +	mod_timer(&idev->regen_timer, expires);
> +	
>  out:
>  	write_unlock_bh(&idev->lock);
>  	rcu_read_unlock_bh();
> -	in6_dev_put(idev);
>  }
>  
>  static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr) {
> 


Sergey, I dont think your patches (V1 or V2) are correct.

You leak a refcount if (idev->dead) is true

ipv6_regen_rndid() is the timer handler function, it must call
in6_dev_put() at the end, unless we rearm the timer.

So this code is correct.


if (!mod_timer(&idev->regen_timer, expires))
	in6_dev_hold(idev);
...
in6_dev_put(idev);


And we must call in6_dev_hold() before calling the handler, either
directly from ipv6_add_dev() [Where your first patch tried to remove the
dev_hold() call], or when arming the timer.

Are you sure the problem you try to solve is not already solved in
commit 88b2a9a3d98a19496d64aadda7158c0ad51cbe7d in net-2.6 tree ?

http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=88b2a9a3d98a19496d64aadda7158c0ad51cbe7d

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: addrconf: refcnt with  IPV6_PRIVACY enabled
  2010-11-23 14:33 ` Eric Dumazet
@ 2010-11-23 14:53   ` Sergey Senozhatsky
  2010-11-23 15:08     ` Eric Dumazet
  2010-11-23 15:17   ` Sergey Senozhatsky
  1 sibling, 1 reply; 5+ messages in thread
From: Sergey Senozhatsky @ 2010-11-23 14:53 UTC (permalink / raw)
  To: Eric Dumazet
  Cc: David S. Miller, netdev, linux-kernel, Pekka Savola (ipv6),
	Hideaki YOSHIFUJI

[-- Attachment #1: Type: text/plain, Size: 1073 bytes --]

Hello Eric,

On (11/23/10 15:33), Eric Dumazet wrote:
> Sergey, I dont think your patches (V1 or V2) are correct.
> 
> You leak a refcount if (idev->dead) is true
>
Hm, that's true. Thank you.

 
> ipv6_regen_rndid() is the timer handler function, it must call
> in6_dev_put() at the end, unless we rearm the timer.
> 
> So this code is correct.
> 
> 
> if (!mod_timer(&idev->regen_timer, expires))
> 	in6_dev_hold(idev);
> ...
> in6_dev_put(idev);
>

Even if in6_dev_hold hasn't been called from ipv6_regen_rndid?


> 
> And we must call in6_dev_hold() before calling the handler, either
> directly from ipv6_add_dev() [Where your first patch tried to remove the
> dev_hold() call], or when arming the timer.
> 
> Are you sure the problem you try to solve is not already solved in
> commit 88b2a9a3d98a19496d64aadda7158c0ad51cbe7d in net-2.6 tree ?
> 
> http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=88b2a9a3d98a19496d64aadda7158c0ad51cbe7d
> 

Oh, haven't seen this one. I'll try, thank you.


	Sergey

[-- Attachment #2: Type: application/pgp-signature, Size: 316 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: addrconf: refcnt with  IPV6_PRIVACY enabled
  2010-11-23 14:53   ` Sergey Senozhatsky
@ 2010-11-23 15:08     ` Eric Dumazet
  0 siblings, 0 replies; 5+ messages in thread
From: Eric Dumazet @ 2010-11-23 15:08 UTC (permalink / raw)
  To: Sergey Senozhatsky
  Cc: David S. Miller, netdev, linux-kernel, Pekka Savola (ipv6),
	Hideaki YOSHIFUJI

Le mardi 23 novembre 2010 à 16:53 +0200, Sergey Senozhatsky a écrit :
>  
> > ipv6_regen_rndid() is the timer handler function, it must call
> > in6_dev_put() at the end, unless we rearm the timer.
> > 
> > So this code is correct.
> > 
> > 
> > if (!mod_timer(&idev->regen_timer, expires))
> > 	in6_dev_hold(idev);
> > ...
> > in6_dev_put(idev);
> >
> 
> Even if in6_dev_hold hasn't been called from ipv6_regen_rndid?
> 


Yes.

Rules are :

in6_dev_hold() when arming timer, so that device doesnt disappear while
timer handler might run and need it.

in6_dev_put() when timer handler finishes

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: addrconf: refcnt with  IPV6_PRIVACY enabled
  2010-11-23 14:33 ` Eric Dumazet
  2010-11-23 14:53   ` Sergey Senozhatsky
@ 2010-11-23 15:17   ` Sergey Senozhatsky
  1 sibling, 0 replies; 5+ messages in thread
From: Sergey Senozhatsky @ 2010-11-23 15:17 UTC (permalink / raw)
  To: Eric Dumazet
  Cc: David S. Miller, netdev, linux-kernel, Pekka Savola (ipv6),
	Hideaki YOSHIFUJI

[-- Attachment #1: Type: text/plain, Size: 440 bytes --]

On (11/23/10 15:33), Eric Dumazet wrote:
> Are you sure the problem you try to solve is not already solved in
> commit 88b2a9a3d98a19496d64aadda7158c0ad51cbe7d in net-2.6 tree ?
> 
> http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=88b2a9a3d98a19496d64aadda7158c0ad51cbe7d
> 

Seems to work for me. 
Sorry for noise, thank you.

Tested-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>


	Sergey

[-- Attachment #2: Type: application/pgp-signature, Size: 316 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2010-11-23 15:17 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-23 13:40 addrconf: refcnt with IPV6_PRIVACY enabled Sergey Senozhatsky
2010-11-23 14:33 ` Eric Dumazet
2010-11-23 14:53   ` Sergey Senozhatsky
2010-11-23 15:08     ` Eric Dumazet
2010-11-23 15:17   ` Sergey Senozhatsky

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).